cleantalk
Vulnerabilities and Security Researches

Availability Calendar, CVE-2025-46528

CVE, Research URL

CVE-2025-46528

Home page URL

Security reports for Availability Calendar

Application

Availability Calendar

Published on
Apr 24, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar: from n/a through 0.2.4.
Affected versions
Min -, max 0.2.4.
Status
vulnerable
Previous vulnerability researches
Advanced Linked Variations for Woocommerce (CVE-2025-46244) , Apr 23, 2025
Linked Variation for WooCommerce (CVE-2024-48047) , Oct 18, 2024
New vulnerability
Best Quiz Plugin for WordPress: WP Quiz (CVE-2025-46482) , Apr 27, 2025
Database Toolset (CVE-2025-3065) , Apr 27, 2025
Control Listings – Classifieds Ads Directory Portal Manager (CVE-2025-46234) , Apr 26, 2025
WordPress Tooltip (CVE-2025-46532) , Apr 26, 2025
Business Contact Widget (CVE-2025-46529) , Apr 26, 2025